<?php

class UserController extends Controller
{
    /**
     * @var string the default layout for the views. Defaults to '//layouts/column2', meaning
     * using two-column layout. See 'protected/views/layouts/column2.php'.
     */
    public $layout = '//layouts/column2';


    public function actions()
    {
        return array(
            // captcha action renders the CAPTCHA image displayed on the contact page
            'captcha'=>array(
                'class'=>'CCaptchaAction',
                'backColor'=>0xFFFFFF,
            ),
            'page'=>array(
                'class'=>'CViewAction',
            ),
        );
    }
    /**
     * @return array action filters
     */
    public function filters()
    {
        return array(
            'accessControl', // perform access control for CRUD operations
            'postOnly + delete', // we only allow deletion via POST request
        );
    }

    /**
     * Specifies the access control rules.
     * This method is used by the 'accessControl' filter.
     * @return array access control rules
     */
    public function accessRules()
    {
        return array(
            array(
                'allow',
                'actions' =>array('register','captcha','login','logout'),
                'users'=>array('*'),
            ),
            array('allow', // allow authenticated users to update/view
                'actions' => array('update', 'view'),
                'roles' => array('authenticated')
            ),
            array('allow', // allow admins only to delete
                'actions' => array('create','delete', 'admin', 'index'),
                'roles' => array('admin'),
            ),
            array('deny', // deny anything else
                'users' => array('*'),
            ),
        );
    }

    /**
     * Displays a particular model.
     * @param integer $id the ID of the model to be displayed
     */
    public function actionView($id)
    {
        $this->render('view', array(
            'model' => $this->loadModel($id),
        ));
    }

    /**
     * Creates a new model.
     * If creation is successful, the browser will be redirected to the 'view' page.
     */
    public function actionCreate()
    {
        $model = new User();

        // Uncomment the following line if AJAX validation is needed
        // $this->performAjaxValidation($model);

        if (isset($_POST['User'])) {
            $model->attributes = $_POST['User'];
            if ($model->save()) {
                $userId = Yii::app()->db->getLastInsertID();
                $userAndAuth = new Authassignment();
                $userAndAuth->itemname = $_POST['Authitem']['name'];
                $userAndAuth->userid = $userId;
                if (!$userAndAuth->save()) {
                    print_r($model->errors);
                }
                $this->redirect(array('view', 'id' => $model->id));
            }

        }

        if (Yii::app()->user->checkAccess('admin')) {
            $modelAuth = Authitem::model()->findAllByAttributes(array('type' => 2));
        } else {
            $modelAuth = Authitem::model()->findAllByAttributes(array('name' => 'guest'));
        }

        $this->render('create', array(
            'model' => $model,
            'modelAuth' => $modelAuth
        ));
    }

    /**
     * Updates a particular model.
     * If update is successful, the browser will be redirected to the 'view' page.
     * @param integer $id the ID of the model to be updated
     */
    public function actionUpdate($id)
    {
        $model = $this->loadModel($id);

        // Uncomment the following line if AJAX validation is needed
        // $this->performAjaxValidation($model);
        // set the parameters for the bizRule
        $params = array('User' => $model);
        // now check the bizrule for this user
        if (!Yii::app()->user->checkAccess('updateSelf', $params) &&
            !Yii::app()->user->checkAccess('admin')
        ) {
            throw new CHttpException(403, 'You are not authorized to perform this action');
        }

        if (isset($_POST['User'])) {
            $model->attributes = $_POST['User'];

            if ($model->save() && Yii::app()->user->getId() == $id)
                $userId = Yii::app()->db->getLastInsertID();
                $userAndAuth = new Authassignment();
                $userAndAuth->itemname = $_POST['Authitem']['name'];
                $userAndAuth->userid = $userId;
            if (!$userAndAuth->save()) {
                print_r($model->errors);
            }
            $this->redirect(array('view', 'id' => $model->id));

        }

        if (Yii::app()->user->checkAccess('admin')) {
            $modelAuth = Authitem::model()->findAllByAttributes(array('type' => 2));
        } else {
            $modelAuth = Authitem::model()->findAllByAttributes(array('name' => 'guest'));
        }

        $this->render('update', array(
            'model' => $model,
            'modelAuth' => $modelAuth
        ));
    }

    /**
     * Deletes a particular model.
     * If deletion is successful, the browser will be redirected to the 'admin' page.
     * @param integer $id the ID of the model to be deleted
     */
    public function actionDelete($id)
    {
        $this->loadModel($id)->delete();

        // if AJAX request (triggered by deletion via admin grid view), we should not redirect the browser
        if (!isset($_GET['ajax']))
            $this->redirect(isset($_POST['returnUrl']) ? $_POST['returnUrl'] : array('admin'));
    }

    /**
     * Lists all models.
     */
    public function actionIndex()
    {
        $dataProvider = new CActiveDataProvider('User');
        $this->render('index', array(
            'dataProvider' => $dataProvider,
        ));
    }

    /**
     * Manages all models.
     */
    public function actionAdmin()
    {
        $model = new User('search');
        $model->unsetAttributes(); // clear any default values
        if (isset($_GET['User']))
            $model->attributes = $_GET['User'];

        $this->render('admin', array(
            'model' => $model,
        ));
    }

    /**
     * Returns the data model based on the primary key given in the GET variable.
     * If the data model is not found, an HTTP exception will be raised.
     * @param integer $id the ID of the model to be loaded
     * @return User the loaded model
     * @throws CHttpException
     */
    public function loadModel($id)
    {
        $model = User::model()->findByPk($id);
        if ($model === null)
            throw new CHttpException(404, 'The requested page does not exist.');
        return $model;
    }

    /**
     * Performs the AJAX validation.
     * @param User $model the model to be validated
     */
    protected function performAjaxValidation($model)
    {
        if (isset($_POST['ajax']) && $_POST['ajax'] === 'user-form') {
            echo CActiveForm::validate($model);
            Yii::app()->end();
        }
    }

    public function actionRegister()
    {
        Yii::app()->theme = 'classic';
        $this->layout = 'main';
        $model = new User();
        $model->scenario = 'register';
        if (isset($_POST['User'])) {
            $model->attributes = $_POST['User'];
            $model->title = "User";

            if ($model->save()) {
                $userId = Yii::app()->db->getLastInsertID();
                $userAndAuth = new Authassignment();
                $userAndAuth->itemname = 'user';
                $userAndAuth->userid = $userId;
                if (!$userAndAuth->save()) {
                    print_r($model->errors);

                }
                Yii::app()->user->setFlash('success', "Bạn đã đăng ký thành công. Hãy đăng nhập để tiếp tục học.");
                $this->refresh();
            }else{
                //Yii::app()->user->setFlash('error', "Đăng ký đã thất bại. Bạn vui lòng đăng ký lại hoặc liên hệ với chúng tôi để được giúp đỡ.");
            }

        }

        $this->render('register',array('model'=>$model));
    }

    public function actionLogin()
    {
        $model=new LoginForm;

        // if it is ajax validation request
        if(isset($_POST['ajax']) && $_POST['ajax']==='login-form')
        {
            echo CActiveForm::validate($model);
            Yii::app()->end();
        }

        // collect user input data
        if(isset($_POST['LoginForm']))
        {
            $model->attributes=$_POST['LoginForm'];
            // validate user input and redirect to the previous page if valid
            if($model->validate() && $model->login())
                header('location:'.$_SERVER['HTTP_REFERER']);
        }

    }
    public function actionLogout()
    {
        Yii::app()->user->logout();
        header('location:'.$_SERVER['HTTP_REFERER']);
    }
}
